o Ch@srddlmZddlmZmZddlmZmZGdddeZ dddZ d d Z d d Z d dZ ddZddZdS))unicode_literals)RolePermissionScopeExceptionCheckerNotRegistered)get_user_rolesget_or_create_permissionc@s4eZdZiZeddZeddZeddZdS)PermissionsManagercCs||j|<dSN _checkers)clsnamefunctionrm/var/www/html/myvaluetrips/my_value_trip_new/venv/lib/python3.10/site-packages/rolepermissions/permissions.pyregister_checker sz#PermissionsManager.register_checkercCs|jSrr )r rrr get_checkersszPermissionsManager.get_checkerscCs ||jvr |j|Std|)Nz'Checker with name %s was not registered)r r)r checker_namerrrretrieve_checkers   z#PermissionsManager.retrieve_checkerN)__name__ __module__ __qualname__r classmethodrrrrrrrrs  rNcsfdd}|S)Ncsrn|j}t|||Sr)rrr)funcrr rrfuction_decorators z2register_object_checker..fuction_decoratorr)r rrrrregister_object_checkers rcCst|\}}|S)z/Get a Permission object from a permission name.)r)permission_name permissioncreatedrrrget_permission#s rcCsHt|}i}t|jjddd}|D]}|D]}||v||<qq|S)zb Get a boolean map of the permissions available to a user based on that user's roles. codenameT)flat)rsetuser_permissions values_listpermission_names_list)userrolespermission_hashuser_permission_namesrolerrrravailable_perm_status*s r+cs:t|}tdd|D|rfdd|jDSgS)a Return a list of permissions codenames available to a user, based on that user's roles. i.e., keys for all "True" permissions from available_perm_status(user): Assert: set(available_perm_names(user)) == set(perm for perm,has_perm in available_perm_status(user) if has_perm) Query efficient; especially when prefetch_related('group', 'user_permissions') on user object. No side-effects; permissions are not created in DB as side-effect. css"|] }|D]}|VqqdSr)r%).0r*prrr Ds z'available_perm_names..csg|] }|jvr|jqSr)r )r,r- perm_namesrr Esz(available_perm_names..)rr"r#all)r&r'rr/ravailable_perm_names;s r3cC@t|}|D]}||vrt|}|j|dSqtd)z Grant a user a specified permission. Permissions are only granted if they are in the scope any of the user's roles. If the permission is out of scope, a RolePermissionScopeException is raised. N?This permission isn't in the scope of any of this user's roles.)rr%rr#addrr&rr'r*rrrrgrant_permissionI  r8cCr4)z Revoke a specified permission from a user. Permissions are only revoked if they are in the scope any of the user's roles. If the permission is out of scope, a RolePermissionScopeException is raised. Nr5)rr%rr#removerr7rrrrevoke_permission^r9r;r) __future__rrolepermissions.exceptionsrrrolepermissions.rolesrrobjectrrrr+r3r8r;rrrrs